I know some of you haven't been having problems with it but I was. The firewall is XP SP2 is much better than the previous one. Actually, it is too good for BT I guess. Anyways, I had disabled the firewall considering the fact that the router I'm using has a firewall with it. This didn't fix the UPnP issue though. Apparently there is a bit of a bug in the firewall where it will apply some of the setting regardless if the firewall is turned off or not. To fix this I simply:
1. Went to network connections.
2. Right-click on the connection you are using for your internet and go to properties.
3. Click the Advanced tab.
4. Click settings.
5. Click the Exemptions tab.
6. Click the UPnP Framework so it is checked.
7. Click OK then OK again and it SHOULD work (it did for me).

If your computer is connected directly to your uplink I don't recommend using it; but if you're behind a router, which prevents the outside world from contacting your computer via UPnP, it's not a serious concern.

I enabled UPnP and BitTornado still doesn't work. I'm forced to use Bram's BT client.

I think that the URL from the Guest post is a bunch of BS. They just want to sell a product using scare tactics. Their product does something that can already be done manually. One paragraph states "Microsoft's latest security patch DOES NOT DISABLE UPnP!" Why would it disable UPnP?! I believe that the latest security patch from Microsoft makes UPnP safe. Sure; there may be undiscovered vulnerabilities, but Microsoft generally releases patches long before they are exploited. The problem is that most elitists think that they're too good for Automatic Update Notification.

I enabled UPnP and BitTornado still doesn't work. I'm forced to use Bram's BT client.

I think that the URL from the Guest post is a bunch of BS. They just want to sell a product using scare tactics. Their product does something that can already be done manually. One paragraph states "Microsoft's latest security patch DOES NOT DISABLE UPnP!" Why would it disable UPnP?! I believe that the latest security patch from Microsoft makes UPnP safe. Sure; there may be undiscovered vulnerabilities, but Microsoft generally releases patches long before they are exploited. The problem is that most elitists think that they're too good for Automatic Update Notification.

Err... open ur mouth and now put ur foot in there. Steve Gibson's UnPlug n' Pray is FREE! There is nobody trying to sell you anything. This is just a small registry hack to disable UPnP for the average person who doesn't know how to do it manually.

There have been numerous hacks exploiting the UPnP feature that is automatically turned on. You have to keep in mind that Microsoft tailors their software around functionality before security. They figure they will configure your OS to work. It is up to the end-user to figure out what services are and are not needed. If some of these unneeded services are security risks, too bad. Microsoft will not fix them until they start receiving bad press because of it. Even with SP2 there are still known exploits in the wild. Microsoft just does not deem them serious enough to fix right away. Some of the major worms seen in the past couple years exploited known vulnerabilites. MS only fixed them after everyone started getting slammed.

You say there may be undiscovered vulnerabilities... you should be saying there are known vulnerabilities that are still not fixed Go do some googling if you don't believe me.

Turning off UPnP is just common sense. If you don't need the service running, then by all means turn it off and shut a potential security leak. As long as there is one curious or industrious individual out there, new ways to hack will be discovered. There is no such thing as a foolproof program. There are always ways to get in the door. If you remove the door and put a solid brick metal wall in it's place, it makes it a hell of a lot harder for someone to get in without being seen.

This site explains very well what services are needed and are not needed. Before making any changes, you should always READ ABOUT what you are doing. http://www.blackviper.com/WinXP/servicecfg.htm Keep in mind this is for Windows XP. There is also a section for Windows 2000.

Yadda is right, if you don't have a need for upnp, why have it on? Microsoft does have many services turned on by default, and it's more or less so the end user can have a computer up and running in several different enviroments with little knowledge of computers. This is NOT a secure enviroment at all. Blackvipers site explains many of those services, what they are needed for, etc. I find it sad that Microsoft does not have that information easily available to people, why does it have to be a 3rd party??

Any service that you have enabled on any operating system does open the door to security risks, and takes up system resorces. It makes no sence at all to have any uneeded service running on your computer, be it linux, unix, mac or microsoft. To defend any software manufacturer that enables several services that are seldom used is ignorant. Microsoft is a king at doing such things.

No matter what operating system you deal with, there will always be new exploits found, and new holes to fill. The problem with closed source software, such as microsoft, is that it is not reviewed by as many people, and when those things are found, we have to wait for microsoft to fix them. I do believe that microsoft has lost some of its trust in the public because security was not as important to the company as it should be. If they remain a closed source company, it's security will never be what it could be.

And no matter how many patches they come out with to fix a problem (any operating system) there will be a hacker that will find another hole somewhere to break in. The only secure computer there is is one that is turned off and locked away in a place that it has no human contact or connection to the outside world. What a boring computer.